CWE-294: Authentication Bypass by Capture-replay

ID CWE-294
Abstraction Base
Structure Simple
Status Incomplete
Number of CVEs 146
A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

Capture-replay attacks are common and can be difficult to defeat without cryptography. They are a subset of network injection attacks that rely on observing previously-sent valid commands, then changing them slightly if necessary and resending the same commands to the server.
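The difference between a verifier that can be replayed against and one that cannot, shown as an added example (not part of the CWE entry). The key, the 30-second window, the message layout and all names are assumptions; an HMAC with a nonce and timestamp is one common countermeasure, chosen here for illustration.

```python
import hashlib
import hmac
import os

KEY = os.urandom(32)   # constructed shared secret, demo only
MAX_SKEW = 30          # assumed freshness window in seconds


def _mac(command: bytes, nonce: str, ts: str) -> str:
    # Length-prefix each field so bytes cannot be shifted between fields
    # without changing the MAC input.
    fields = (command, nonce.encode(), ts.encode())
    data = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(KEY, data, hashlib.sha256).hexdigest()


def sign(command: bytes, now: int) -> dict:
    """Client: bind the command to a fresh nonce and the send time."""
    nonce, ts = os.urandom(16).hex(), str(now)
    return {"command": command, "nonce": nonce, "ts": ts,
            "mac": _mac(command, nonce, ts)}


def mac_ok(msg: dict) -> bool:
    expected = _mac(msg["command"], msg["nonce"], msg["ts"])
    return hmac.compare_digest(expected, msg["mac"])


class NaiveServer:
    """Checks only the MAC, so a captured message verifies on every resend."""
    def accept(self, msg: dict, now: int) -> bool:
        return mac_ok(msg)


class ReplayAwareServer:
    """Also requires a fresh timestamp and a nonce not seen before."""
    def __init__(self):
        self.seen = {}  # nonce -> last second at which the message is fresh

    def accept(self, msg: dict, now: int) -> bool:
        if not mac_ok(msg):
            return False                      # forged or modified
        ts = int(msg["ts"])                   # authentic: covered by the MAC
        if abs(now - ts) > MAX_SKEW:
            return False                      # outside the freshness window
        # Forget nonces whose messages the timestamp check already rejects.
        self.seen = {n: e for n, e in self.seen.items() if e >= now}
        if msg["nonce"] in self.seen:
            return False                      # replay inside the window
        self.seen[msg["nonce"]] = ts + MAX_SKEW
        return True
```

The nonce cache only has to cover the freshness window, because anything older is already rejected by the timestamp check.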

Modes of Introduction

Phase | Note
Architecture and Design | COMMISSION: This weakness refers to an incorrect design related to an architectural security tactic.

Applicable Platforms

Type Class Name Prevalence
Language Not Language-Specific

Relationships

View ID | View | View Status | Weakness ID | Weakness Name | Abstraction | Structure | Status
CWE-1000 | Research Concepts | Draft | CWE-1390 | Weak Authentication | Class | Simple | Incomplete
CWE-1003 | Weaknesses for Simplified Mapping of Published Vulnerabilities | Incomplete | CWE-287 | Improper Authentication | Class | Simple | Draft

Common Attack Pattern Enumeration and Classification (CAPEC)

The Common Attack Pattern Enumeration and Classification (CAPEC™) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.

CAPEC at Mitre.org
ID | Name | Weaknesses
CAPEC-60 | Reusing Session IDs (aka Session Replay) | CWE-294
CAPEC-94 | Adversary in the Middle (AiTM) | CWE-294
CAPEC-102 | Session Sidejacking | CWE-294
CAPEC-509 | Kerberoasting | CWE-294
CAPEC-555 | Remote Services with Stolen Credentials | CWE-294
CAPEC-561 | Windows Admin Shares with Stolen Credentials | CWE-294
CAPEC-644 | Use of Captured Hashes (Pass The Hash) | CWE-294
CAPEC-645 | Use of Captured Tickets (Pass The Ticket) | CWE-294
CAPEC-652 | Use of Known Kerberos Credentials | CWE-294
CAPEC-701 | Browser in the Middle (BiTM) | CWE-294
